sophos.sophos_firewall.sfos_xmlapi module – Use the XML API to get, create, update, or delete settings on Sophos Firewall.

Note

This module is part of the sophos.sophos_firewall collection (version 2.0.1).

It is not included in ansible-core. To check whether it is installed, run ansible-galaxy collection list.

To install it, use: ansible-galaxy collection install sophos.sophos_firewall. You need further requirements to be able to use this module, see Requirements for details.

To use it in a playbook, specify: sophos.sophos_firewall.sfos_xmlapi.

New in sophos.sophos_firewall 1.0.0

Synopsis

• Creates, updates or removes objects on Sophos Firewall using XML tags and/or payloads.

Requirements

The below requirements are needed on the host that executes this module.

• sophosfirewall-python

• Beginning in version 2.0.0, this module requires use of an httpapi connection plugin. See the HTTPAPI example for details.

Parameters

Parameter	Comments
data string	XML payload data for use with the present (add) or updated (update) state.
key string	Optional search key when using the query option.
name string / required	Name of an object to retrieve when using query option, or to delete when using absent.
operator string	Optional search operator when using the query option. Choices: "=" "!=" "like"
state string / required	Use query to retrieve, present to create, absent to remove, or updated to modify Choices: "present" "absent" "updated" "query"
value string	Optional search value when using the query option.
xml_tag string / required	The XML tag for the lookup when using the query option, or the top-level tag when creating/updating.

Examples

- name: CREATE MAC HOST
  sophos.sophos_firewall.sfos_xmlapi:
    xml_tag: MACHost
    data: |
            <MACHost>
                <Name>TESTMACHOST1</Name>
                <Description>Created by Ansible xmlapi module</Description>
                <Type>MACAddress</Type>
                <MACAddress>00:16:76:49:33:FF</MACAddress>
            </MACHost>
    state: present

- name: UPDATE MAC HOST
  sophos.sophos_firewall.sfos_xmlapi:
    xml_tag: MACHost
    data: |
            <MACHost>
                <Name>TESTMACHOST1</Name>
                <Description>UPDATED by Ansible xmlapi module</Description>
                <Type>MACAddress</Type>
                <MACAddress>00:16:76:49:01:01</MACAddress>
            </MACHost>
    state: updated

- name: GET MAC HOST
  sophos.sophos_firewall.sfos_xmlapi:
    xml_tag: MACHost
    name: TESTMACHOST1
    state: query

- name: REMOVE MAC HOST
  sophos.sophos_firewall.sfos_xmlapi:
    name: TESTMACHOST1
    xml_tag: MACHost
    state: absent
  delegate_to: localhost

Return Values

Common return values are documented here, the following are the fields unique to this module:

Key	Description
api_response dictionary	Serialized object containing the API response. Returned: always

Authors

• Matt Mullen (@mamullen13316)

Collection links

• Issue Tracker
• Repository (Sources)

Warning

If the firewall is a member of a group in Central, the changes made by Ansible will override the settings of the group. The actual configuration on the firewall may then differ from what is displayed for the same setting in the Central group.